Claims 



What is claimed is: 

L A system for controlling access to information items comprising: 

a) a storage subsystem containing definitions of customer groups, customer information 
including which customer group or groups to which each customer belongs, information item 
definitions including which customer group or groups with which each information item is 
associated, a set of group source keys, each group source key being associated with a different 
one of the customer groups, a set of group member keys, each group member key being 
associated with a different one of said group source keys; 

b) an encryption subsystem for encrypting information items information items associated 
with a customer group using the group source key associated with the same group; and 

c) an authentication subsystem for allowing a customer access to a group member key 
once the customer has been authenticated as a member of the customer group with which the 
group member key is associated, thereby enabling the customer to use the group member key to 
decrypt item information previously encrypted using the associated group source key. 

2. A system as defined in claim 1 wherein the authentication subsystem further includes: 

a) an authentication storage subsystem for storing customer identifiers and associated 
passwords; and 

b) authentication logic for receiving customer identifier and password inputs, comparing 
the received inputs to stored customer identifiers and associated passwords, and authenticating 
the inputs provider when the inputs matched the stored corresponding information. 

3. A system as defined in claim 1 wherein the information items include pricing information. 

4. A system as defined in claim 2 wherein the information items including pricing information. 
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1 5. A method for controlling access to information items comprising the steps of: 

2 a) storing definitions of customer groups; 

3 b) storing customer information including which customer group or groups to which each 

4 customer belongs; 

5 c) storing information items including which customer group or groups with which each 

6 information item is associated; 

7 d) storing sets of key pairs, each key pair being associated with one of the defined 

8 customer groups and comprising a group source key and a group member key; 

9 e) encrypting at least one information item using the group source key for the group with 

10 which the information item is associated; and 

11 f) providing the group member keys to customer members of the groups with which the 
IIP group member keys are associated, thereby enabling a customer to decrypt an encrypted 

13ij information item associated with the customer's group. 

ijj 6. A method as defined in claim 5 wherein the stored customer information includes customer 

2~f identifiers and passwords and wherein the providing step further includes the steps of: 
3h a) receiving customer identifier and password inputs; 

% b) comparing the received inputs to stored customer identifiers and passwords; 

5P c) responding to a match between the received inputs and a stored customer identifier and 

password by identifying the customer as having been authenticated; and 

7 d) making available the group member key associated with a customer group to which the 

8 authenticated customer belongs. 
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1 7. A program product having a computer-readable medium storing computer-readable program 

2 code for controlling access to information items, said computer-reable program code comprising: 

3 a) code for causing the storage of definitions of customer groups; 

4 b) code for causing the storage of customer information including which customer group 

5 or groups to which each customer belongs; 

6 c) code for causing the storage of information items including which customer group or 

7 groups with which each information item is associated; 

8 d) code for causing the storage of sets of key pairs, each key pair being associated with 

9 one of the defined customer groups and comprising a group source key and a group member key; 
ICO e) code for encrypting at least one information item using the group source key for the 

1 1| group with which the information item is associated; and 

12' f) c °de for providing the group member keys to customer members of the groups with 

13M which the group member keys are associated, thereby enabling a customer to decrypt an 

14 j encrypted information item associated with the customer's group. 

fj 8. A program product as defined in claim 7 wherein the stored customer information includes 

2* customer identifiers and passwords and the program product further includes: 
3[. a) code for receiving customer identifier and password inputs; 

4 b) code for comparing the received inputs to stored customer identifiers and passwords; 

5 c) code responsive to a match between the received inputs and a stored customer 

6 identifier and password to identify the customer as having been authenticated; and 

7 d) code responsive to the authentication to make available the group member key 

8 associated with a customer group to which the authenticated customer belongs. 
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